/**
 * Renders the sudo policies of a project as a resource table.
 *
 * Each row holds the policy name, its users, its run-as users, its commands,
 * its options, and modify/delete action links.
 *
 * NOTE(review): every column except the policy name is added with
 * pushRawResourceColumn(). Confirm that createResourceList() and
 * makeHumanReadableUserlist() escape the stored user names, commands and
 * options before they reach the page.
 * NOTE(review): the modify/delete links are emitted for every policy and no
 * permission check is visible in this method, so the handlers behind those
 * links must enforce authorization themselves.
 *
 * @param $project OpenStackNovaProject (presumably; not visible here)
 * @return string Table markup, or '' when the project has no sudo policies
 */
function getSudoers($project) {
	$project->fetchProjectInfo();
	$name = $project->getProjectName();
	$this->userNova->setProject($name);
	# The region list is never used below. The call is kept because it may
	# have side effects that are not visible from this method.
	$this->userNova->getRegions('compute');

	$rows = array();
	foreach (OpenStackNovaSudoer::getAllSudoersByProject($name) as $policy) {
		$row = array();
		$policyName = $policy->getSudoerName();
		$this->pushResourceColumn($row, $policyName);

		# Result unused; kept for the same reason as getRegions() above.
		$project->getMembers();

		$users = $this->makeHumanReadableUserlist($policy->getSudoerUsers(), $project);
		$runAs = $this->makeHumanReadableUserlist($policy->getSudoerRunAsUsers(), $project);
		$this->pushRawResourceColumn($row, $this->createResourceList($users));
		$this->pushRawResourceColumn($row, $this->createResourceList($runAs));
		$this->pushRawResourceColumn($row, $this->createResourceList($policy->getSudoerCommands()));
		$this->pushRawResourceColumn($row, $this->createResourceList($policy->getSudoerOptions()));

		# Array union keeps 'action' first, then 'sudoername', then 'project'.
		$target = array('sudoername' => $policyName, 'project' => $name);
		$links = array(
			$this->createActionLink('openstackmanager-modify', array('action' => 'modify') + $target),
			$this->createActionLink('openstackmanager-delete', array('action' => 'delete') + $target),
		);
		$this->pushRawResourceColumn($row, $this->createResourceList($links));

		$rows[] = $row;
	}

	if (!$rows) {
		return '';
	}

	$columns = array(
		'openstackmanager-sudoername',
		'openstackmanager-sudoerusers',
		'openstackmanager-sudoerrunas',
		'openstackmanager-sudoercommands',
		'openstackmanager-sudoeroptions',
		'openstackmanager-actions',
	);
	return $this->createResourceTable($columns, $rows);
}
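/**
 * Deletes a project based on project name. This function will also delete all roles
 * associated with the project.
 *
 * Deletion order: role sub-entries, the optional project group, the sudoer
 * entries, the sudoers OU, the service groups, and finally the project entry.
 * A failure on a child entry is logged and does not stop the run. The return
 * value reflects only the final delete of the project entry.
 *
 * NOTE(review): no permission check is performed here, so callers must
 * authorize the request before calling. The only trace of these deletions is
 * debug output; confirm that the caller writes an audit log entry.
 *
 * @param $projectname String
 * @return bool true if the project entry itself was deleted, false otherwise
 */
static function deleteProject($projectname) {
	global $wgAuth;

	OpenStackNovaLdapConnection::connect();
	$project = new OpenStackNovaProject($projectname);
	$dn = $project->projectDN;
	# `new` always yields an object, so the former `!$project` test could never
	# fire. Guard on the DN instead, so that an unresolved project never causes
	# a list/delete against an empty base DN.
	# NOTE(review): presumably projectDN is empty when the project is unknown; confirm.
	if (!$dn) {
		$wgAuth->printDebug("No DN for project {$projectname}, nothing deleted", NONSENSITIVE);
		return false;
	}
	$name = $project->getProjectName();

	# Projects can have roles as sub-entries, we need to delete them first
	$result = LdapAuthenticationPlugin::ldap_list($wgAuth->ldapconn, $dn, 'objectclass=*');
	$roles = $result ? LdapAuthenticationPlugin::ldap_get_entries($wgAuth->ldapconn, $result) : false;
	if (is_array($roles)) {
		# Drop the leading 'count' element (presumably the wrapper mirrors
		# PHP's ldap_get_entries() layout).
		array_shift($roles);
		foreach ($roles as $role) {
			$roledn = $role['dn'];
			$success = LdapAuthenticationPlugin::ldap_delete($wgAuth->ldapconn, $roledn);
			$outcome = $success ? "Successfully deleted" : "Failed to delete";
			$wgAuth->printDebug("{$outcome} role {$roledn}", NONSENSITIVE);
		}
	} else {
		# A failed search used to fall through into array_shift()/foreach on a
		# non-array. Log it and carry on with the remaining cleanup.
		$wgAuth->printDebug("Failed to list roles under {$dn}", NONSENSITIVE);
	}

	# Projects can have a separate group entry. If so, delete it now.
	if (OpenStackNovaProject::useProjectGroup()) {
		OpenStackNovaProjectGroup::deleteProjectGroup($projectname);
	}

	# Projects have a sudo OU and sudoers entries below that OU, we must delete them first
	foreach (OpenStackNovaSudoer::getAllSudoersByProject($name) as $sudoer) {
		$sudoerName = $sudoer->getSudoerName();
		$success = OpenStackNovaSudoer::deleteSudoer($sudoerName, $name);
		$outcome = $success ? "Successfully deleted" : "Failed to delete";
		$wgAuth->printDebug("{$outcome} sudoer " . $sudoerName, NONSENSITIVE);
	}
	$sudoersDN = $project->getSudoersDN();
	$success = LdapAuthenticationPlugin::ldap_delete($wgAuth->ldapconn, $sudoersDN);
	$outcome = $success ? "Successfully deleted" : "Failed to delete";
	$wgAuth->printDebug("{$outcome} sudoers OU " . $sudoersDN, NONSENSITIVE);

	# And, we need to clean up service groups.
	foreach ($project->getServiceGroups() as $group) {
		$groupName = $group->groupName;
		$success = OpenStackNovaServiceGroup::deleteServiceGroup($groupName, $project);
		$outcome = $success ? "Successfully deleted" : "Failed to delete";
		# The failure message previously read "servie group".
		$wgAuth->printDebug("{$outcome} service group " . $groupName, NONSENSITIVE);
	}

	# Finally the project entry itself; its result is the return value.
	$success = LdapAuthenticationPlugin::ldap_delete($wgAuth->ldapconn, $dn);
	if ($success) {
		$wgAuth->printDebug("Successfully deleted project {$projectname}", NONSENSITIVE);
		return true;
	}
	$wgAuth->printDebug("Failed to delete project {$projectname}", NONSENSITIVE);
	return false;
}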